chore: replace gorilla CSRF with Go 1.25's new CSRF protection

[a-h]

See https://tip.golang.org/doc/go1.25

Need to:

• Upgrade Go in the Nix flake.
• Update docs to point out the new feature in Go 1.25.
• Update example projects to move away from Gorilla, and bump to Go 1.25.
• Check it works well with Gorilla schema by default, i.e. by manually testing examples/crud.

[Jecoms]

Added a PR for this. Kept the go version updates to the affected files, but can update the other examples if desired.